package com.kexio.user.controller;

import java.util.List;
import java.util.Map;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import com.kexio.auth.annotation.RequiresPermission;
import com.kexio.common.dto.Result;
import com.kexio.user.service.SecurityMonitorService;

import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;

/**
 * 安全监控控制器
 *
 * 🛡️ 提供安全监控相关的API接口：
 * - IP访问统计
 * - 权限访问统计
 * - 安全建议
 * - 威胁检测
 *
 * @author Kexio Team
 * @since 2.2.0
 */
@RestController
@RequestMapping("/security-monitor")
@Tag(name = "安全监控", description = "安全监控和分析接口")
public class SecurityMonitorController {

    private static final Logger logger = LoggerFactory.getLogger(SecurityMonitorController.class);

    @Autowired
    private SecurityMonitorService securityMonitorService;

    /**
     * 获取IP访问统计
     */
    @GetMapping("/ip-statistics")
    @RequiresPermission("security:monitor:ip")
    @Operation(summary = "获取IP访问统计", description = "获取IP地址访问频次、地理位置等统计信息")
    public Result<List<Map<String, Object>>> getIpStatistics(
            @RequestParam(defaultValue = "24") int hours) {
        logger.debug("🌐 获取IP访问统计数据: hours={}", hours);
        List<Map<String, Object>> ipStats = securityMonitorService.getIpStatistics(hours);
        return Result.success(ipStats);
    }

    /**
     * 获取权限访问统计
     */
    @GetMapping("/permission-statistics")
    @RequiresPermission("security:monitor:permission")
    @Operation(summary = "获取权限访问统计", description = "获取权限检查次数、允许/拒绝比例等统计")
    public Result<Map<String, Object>> getPermissionStatistics(
            @RequestParam(defaultValue = "24") int hours) {
        logger.debug("🔑 获取权限访问统计数据: hours={}", hours);
        Map<String, Object> permissionStats = securityMonitorService.getPermissionStatistics(hours);
        return Result.success(permissionStats);
    }

    /**
     * 获取安全建议
     */
    @GetMapping("/security-recommendations")
    @RequiresPermission("security:monitor:recommendations")
    @Operation(summary = "获取安全建议", description = "基于系统分析生成的安全改进建议")
    public Result<List<Map<String, Object>>> getSecurityRecommendations() {
        logger.debug("💡 获取安全建议");
        List<Map<String, Object>> recommendations = securityMonitorService.getSecurityRecommendations();
        return Result.success(recommendations);
    }

    /**
     * 获取安全事件详细分析
     */
    @GetMapping("/security-events-analysis")
    @RequiresPermission("security:monitor:events")
    @Operation(summary = "获取安全事件分析", description = "获取安全事件的详细分析和统计")
    public Result<Map<String, Object>> getSecurityEventsAnalysis(
            @RequestParam(defaultValue = "7") int days) {
        logger.debug("📊 获取安全事件分析数据: days={}", days);
        Map<String, Object> analysis = securityMonitorService.getSecurityEventsAnalysis(days);
        return Result.success(analysis);
    }

    /**
     * 获取安全趋势数据
     */
    @GetMapping("/security-trends")
    @RequiresPermission("security:monitor:trends")
    @Operation(summary = "获取安全趋势", description = "获取安全指标的趋势变化数据")
    public Result<Map<String, Object>> getSecurityTrends(
            @RequestParam(defaultValue = "30") int days) {
        logger.debug("📈 获取安全趋势数据: days={}", days);
        Map<String, Object> trends = securityMonitorService.getSecurityTrends(days);
        return Result.success(trends);
    }
}
